How to protect against clickjacking attack but allow legit iframes?
I’m aware of modern anti-clickjacking approaches, such as X-Frame-Options header or framekiller scripts. But all these tactics prevent content to be inside iframe. But what if there is a requirement for content to be in iframe, such as Twi… Continue reading How to protect against clickjacking attack but allow legit iframes?